Jailbreak

Cydia

iOS 7.0.6 was released a couple of days ago with a fix for a really nasty SSL connection verification bug that could leave you susceptible to man-in-the-middle attacks on wireless networks from people with malicious intent snooping on your Web activity.

Since SSL connection verification is commonly used in secure Web communication for Web sites like PayPal and other banking or money-handling Web sites, having this bug would have left you wide open to an inexperienced "hacker" that wants to listen in on your Web activity and steal information, or worse, money.

The vulnerability affected many iOS devices on different firmware versions, and Mac OS X machines are also still plagued by the bug. While Apple released iOS 7.0.6 to fix the problem on iOS devices, they have not yet answered the Mac OS X community and are expected to in the near future.

Notably, iOS 7.0.6 can still be jailbroken by evasi0n7, so if you haven't updated to iOS 7.0.6 yet, we would highly recommend that you do go through with the update so that you protect yourself from the nasty SSL connection verification bug. iOS hacker pod2g announced on Twitter yesterday that the bug can affect your security in Mobile Safari, Mail, Facebook, Twitter, and Messages among several other different kinds of applications:

Pod2g also recommends updating to iOS 7.0.6 instead of installing some home-brew fix for the SSL connection verification bug, as this is ultimately the safest and most secure way to go about things.

Since OTA (over the air) updating is disabled on devices jailbroken with evasi0n7, if you're already jailbroken on an earlier version of iOS, then you should download the update through iTunes. You should perform an iTunes backup of your iOS device to save all of your user settings and personal data before going through with the update, and you can right-click on your device on the left sidebar of iTunes and click "transfer purchases" to make sure that all of your apps, music, and other content gets transferred to your library.

After you've backed up your iOS device and everything on it, you can then place your device into DFU mode and restore to the iOS 7.0.6 firmware you downloaded. Once the restore is finished, you can choose to restore your iOS device from a backup in iTunes, and you can select the backup you made prior to the restore.

After your device is running iOS 7.0.6 and your settings, applications, and media have all been restored and synced, you can launch the latest version of evasi0n7 (version 1.0.6), which was released just yesterday with support for iOS 7.0.6, and you can jailbreak your iOS device and re-download all of the jailbreak tweaks that you had installed prior to updating your iOS device. Because you made a backup, all of your jailbreak tweak settings should all still be there and you shouldn't have to reconfigure them (I didn't have to for mine).

For a guide on how to jailbreak your iOS 7.0.6 device, whether you're re-jailbreaking or jailbreaking your iOS 7.0.6 device for the first time, you can follow this link.

If you plan on going through with the update, you should do so soon. iOS 7.1 is reportedly launching in the middle of March and it patches the evasi0n7 jailbreak. You should get yourself to iOS 7.0.6 soon so that you're not forced to upgrade to iOS 7.1 when it comes out. Once it's out, Apple won't sign iOS 7.0.6 anymore.

The only glitch I ran into was, iTunes wouldn't do the download+update in one step. I had to choose the Download-only option, then update. Of course I backed up first on iTunes. I also have the Cydia app PKGBackup installed, so I used that too to save all my Cydia apps and settings.

After that the evasi0n jailbreak was easy and I first restored PKGBackup, then recovered all previous Cydia apps. To my surprise I didn't even have to provide any passwords again and everything, including my prior jailbreak icon configuration, was restored. So it was as easy as could be but still took a couple of hours waiting for the iTunes download, synching, backup, restore, etc. but well worth it to patch this serious security hole. Damn good thing this was fixed now and not in 7.1.

I updated as soon as I got the time to. I hate starting over (unless it's for an x.0 beta), but with this, I totally did it. I advise everyone to get this update and then maybe a VPN like Cloak or something for public wifi.

The only glitch I ran into was, iTunes wouldn't do the download+update in one step. I had to choose the Download-only option, then update. Of course I backed up first on iTunes. I also have the Cydia app PKGBackup installed, so I used that too to save all my Cydia apps and settings.

After that the evasi0n jailbreak was easy and I first restored PKGBackup, then recovered all previous Cydia apps. To my surprise I didn't even have to provide any passwords again and everything, including my prior jailbreak icon configuration, was restored. So it was as easy as could be but still took a couple of hours waiting for the iTunes download, synching, backup, restore, etc. but well worth it to patch this serious security hole. Damn good thing this was fixed now and not in 7.1.

You must be restoring+updating your iPhone to factory condition in iTunes, then jailbreaking, then recovering from backup. In the first step do only the "Check for Update" not "Restore iPhone". The whole thing should take 1 or 2 hours, the shorter time if you use a Cydia backup app like PKGBackup.

Many apps/tweaks I had on 7.0.4 don't seem to work on 7.0.6 or I can't even find on my sources (MultiIconMover+).
Now did I miss something here or developers have to release a compatible version of their apps to work with 7.0.6?

Many apps/tweaks I had on 7.0.4 don't seem to work on 7.0.6 or I can't even find on my sources (MultiIconMover+).
Now did I miss something here or developers have to release a compatible version of their apps to work with 7.0.6?

Uninstalled/reinstalled BigBoss repo and apps work, I knew I had seen something about it before...